SOC Analyst L1

Position Overview

This is a rotational position, and you will need to be flexible to work 1st, 2nd, or 3rd shift.

The SOC Analyst is primarily responsible for:

• To monitor and fight threats to an organization's IT infrastructure


• Utilize and adhere to defined workflow and processes driving the response and mitigation efforts


• Collect relevant artifacts in support of incident response activities


• Conduct technical analysis on impacted systems to determine impact, scope, and recovery from active and potential cyber incidents


• Validate findings reported by SIEM


• Take ownership of the cases escalated as events of interest


• To assess security systems and measures for weaknesses and possible improvements


• Threat and vulnerability analysis


• Carries out triage to ensure that a genuine security incident is occurring


• Flexibility and ability to adapt to ambiguous and changing situations


• Strong customer service, communication, interpersonal, and analytical skills


• Enforce a high-quality customer services culture with focus on customer satisfaction


• Share and document your knowledge with teammates and guide them in the resolution of complex technical problems


• Need to be able to work independently and provide guidance to new staff on the team


• Troubleshoot incidents, identify root cause, fix and document problems, and implement preventive measures.


• Ensure accurate and timely resolution of all assigned issues, confirming to a strict SLA


• Experience coordinating resolution of L1/L2 support issues, and escalations as required


• Design and prepare technical reports, charts, and graphs to record results.


• Rapidly establish a good working relationship with customers and colleagues

Education/Work

• Bachelor’s degree in Computer Science, or equivalent in work experience.

Technical Skills

Required:

• Client-facing communications skills (verbal & written) including the ability to communicate with all levels, from developers through C level Management


• Implement and manage security tools


• Review incident alerts, run vulnerability tests, and escalate severe incidents to senior analysts in Tier 2 / 3


• Investigate suspicious activities, contain, and prevent them


• Reduce downtime and ensure business continuity


• Audit and compliance support


• Providing security services to the rest of the organization


• Basic/mid level knowledge in areas like networking, malware analysis, incident response, and cyber etiquette.


• Understanding of Networking (including the OSI Model, TCP/IP, DNS, HTTP, SMTP), System Administration, and Security Architecture


• Experience executing incident handling procedures


• 3+ years experience in Microsoft Office 365, Azure, Windows Active Directory, Windows Server, Windows 7/8/8.1/10 OS, PowerShell


• Customer experience with cloud and hybrid infrastructures, broad experience with Microsoft 365 Security, Azure Security


• Defining new and refining existing business processes with 5 Star support being at the heart of all processes

Nice to Have:

• Certifications in Microsoft, Cisco, Palo Alto, Juniper, and Linux technologies preferred


• Experience with ticketing systems such as Service-Now, Zendesk, Jira, Freshdesk, etc.


• Ability to work independently in a fast-paced environment where technology and customers' requirements can change regularly.

Linux and MAC OS experience